Our Hertfordshire based client is looking to recruit a Data Protection & Security Officer to work out of their office based in Letchworth.

Overview of role and responsibilities
*Develop, monitor and review the data protection strategy; developing principles and policies for the Group.
*Perform information audits, in accordance with Group policies and guidelines.
*Ensure compliance with adopted recognised national security standards e.g. ISO27001, PCI-DSS etc.
*Review new legislation and services to advise on the potential impact on compliance with Data Protection, Information Governance and Policies.
*Investigate and report on breaches and potential breaches of the legislation.
*Ensure that data subjects are adequately informed of the purposes for which we process data and their rights under the Act and any other relevant legislation.
*Inform employees of their legal responsibilities.
*Provide advice and assistance to staff on data and information ownership issues. This will include direct-input by operational staff, information accuracy and the development of relevant tools.
*Work in conjunction with the Chief Information Officer in support of the relevant policies and guidelines .
*Monitor compliance with and the effectiveness of the data protection principles policies and standards, reporting to senior officers as required.
*Control and coordinate a register of data access rights, including new registrations, amendments and deletions.
*Liaise with technical staff to ensure technical measures are implemented to conform to data protection requirements and access rights.
*Monitor and report on trends of disclosures including data access/protection complaints, proposing, agreeing and implementing corrective actions.
*Produce and present information to ensure that there is widespread awareness of Data Protection.
*Assist with the creation and implementation of business continuity plans.
*Manage the Group's data protection registration.
*Oversee the Group's IT access control to ensure that the personnel controls are robust.
*Assist in reviewing and monitoring the Group's commercial data security, suggesting enhancements, where applicable.
*Group intranet maintenance.

Knowledge and skills:
*ISEB (Information Systems Examination Board) Certificate or Data Protection Solicitor
*Demonstrable post-qualification experience as a Legal Officer in a similar role

Thank you for inspecting this vacancy advert. This vacancy is being handled by Steve Green. All applications handled with care and confidentiality. *Every time we send a CV to a client we will donate £2 to charity Deerfoot IT - Established since 1997 as a dedicated IT recruitment consultancy. REC member. ISO9001:2008 certified.